skip book previous and next navigation links
go up to top of book: HP OpenVMS Guide to System Security HP OpenVMS Guide to System Security
go to beginning of part: Security for the System Administrator Security for the System Administrator
go to beginning of chapter: Securing a Cluster Securing a Cluster
go to previous page: Storing Profiles and Auditing Information Storing Profiles and Auditing Information
go to next page: Using the System Management UtilityUsing the System Management Utility
end of book navigation links

Clusterwide Intrusion Detection  



Clusterwide intrusion detection extends protection against attacks of all types throughout the cluster. Intrusion data and information from each system is integrated to protect the cluster as a whole.

You can set the SECURITY_POLICY system parameter on the member systems in your cluster to maintain either a local or a clusterwide intrusion database of unauthorized attempts and the state of any intrusion events.

If bit 7 in SECURITY_POLICY is cleared, all cluster members are made aware if a system is under attack or has any intrusion events recorded. Events recorded on one system can cause another system in the cluster to take restrictive action. (For example, users attempting to log in are monitored more closely and are limited to a certain number of login retries within a limited period of time. Once users exceed either the retry or time limitation, they cannot log in.)

For information on the system services $DELETE_INTRUSION, $SCAN_INTRUSION, and $SHOW_INTRUSION, see the HP OpenVMS System Services Reference Manual .

For information on the DCL commands DELETE INTRUSION and SHOW INTRUSION, see the HP OpenVMS DCL Dictionary .

go to previous page: Storing Profiles and Auditing Information Storing Profiles and Auditing Information
go to next page: Using the System Management UtilityUsing the System Management Utility